CORS request with IE11

Question

I have a CORS (cross origin resource sharing) request coming from my login page to the application site, on a different URL. I have a simple page I ping to determine if a us

Answer 1

Changing the setting for "Access data sources across domains" to Enabled turns off cross-domain checks in IE and is horrifically unsafe. Instead, you need to ensure that the target 3rd-party resource sends a valid P3P policy that indicates that it's not doing horrible things to the user's privacy.